The invention relates to mobile systems and especially to detecting, in a mobile system, the use of a terminal whose equipment identity has been copied.
In many mobile systems, subscribers and terminal equipment have not been bound together in a fixed manner, but they use subscriber-specific identity modules and individual equipment identities to distinguish terminal equipment from each other. The identity module used to identify the subscriber, such as the SIM card (subscriber identity module) used in the pan-European digital cellular radio system GSM (Global System for Mobile Communications), is a smart card attached to the terminal, allowing the subscriber to use the terminal and containing information for identifying the subscriber, for instance. An example of such an identity module is the IMSI (international mobile subscriber identity) used in the GSM system and comprising a mobile station country code, a mobile network identity and a subscriber identity.
The mobile station MS shown in FIG. 1 comprises terminal equipment TE and a 1-2 smart card SIM attachable to the terminal equipment. In the GSM system, an IMEI (international mobile equipment identity) identifying the equipment is typically stored in the programmable memory of the terminal equipment, e.g. in the EEPROM (electrically erasable programmable read only memory), during the manufacture of the terminal. The IMEI comprises a type approval code, a final assembly code and a serial number.
Mobile networks contain a facility in which the equipment identity of a terminal is checked to ensure that the terminal in question is not stolen, for instance, or that the use of the terminal equipment does not cause interference in the mobile network. The equipment identity can, for instance, be requested when the terminal equipment has set up a connection to a mobile switching centre or is performing a location update. After this, the equipment identity is compared with the equipment identities in the EIR (equipment identity register) or elsewhere in the mobile system, and on the basis of the comparison, the use of the terminal equipment is either prevented or allowed.
Prior art with respect to equipment identification is described in the publication WO96/36194 “Checking the Access Right of a Subscriber Equipment”. In it, when a terminal registers into a mobile system, the system acquires the information related to the subscriber. At the same time, the mobile station also transmits its own equipment identity to the mobile system. After this, the equipment identity transmitted by the mobile station is compared with the equipment identities allowed for the subscriber identity transmitted by said mobile station and stored in the home database and if the equipment identity transmitted by said mobile station is found among the equipment identities allowed for said subscriber identity, the operation of the mobile station continues normally. Otherwise, the use of the mobile station is prevented.
Even though in the above publication, the validity of the operation of the mobile station is checked by comparing the equipment identity transmitted by the mobile station with the identity or identities allowed for the subscriber in question in the home database, a problem with the arrangement described in said publication is that it does not check whether there is more than one mobile station registered into the mobile system with the same terminal equipment identity. Neither does the arrangement described in the publication check the subscriber identities of mobile stations which are registered at the same time with the same equipment identity. The prior art presented in the publication thus cannot detect mobile stations whose equipment identities have been copied.
The equipment identity IMEI of the mobile station MS shown in FIG. 1 can be cloned, i.e. copied, during manufacture, for instance. In such a case, an equipment identity already in use is programmed into the memory of what is known as null-IMEI equipment (terminal equipment with no equipment identity stored in its memory as yet). After this, the terminals in question cannot be distinguished from each other, since their identities are identical.
This programming can also be done after the terminal equipment has received its individual equipment identity. In such a case, the equipment identity of a stolen terminal, for instance, is deleted from the programmable memory of the terminal with ultraviolet light and a new equipment identity is programmed in place of the old equipment identity.